CVE-2016-7054
ChaCha20/Poly1305 heap-buffer-overflow
Severity Score
7.5
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
1
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
In OpenSSL 1.1.0 before 1.1.0c, TLS connections using *-CHACHA20-POLY1305 ciphersuites are susceptible to a DoS attack by corrupting larger payloads. This can result in an OpenSSL crash. This issue is not considered to be exploitable beyond a DoS.
En OpenSSL 1.1.0 anterior a 1.1.0c, las conexiones TLS que utilizan *-CHACHA20-POLY1305 ciphersuites pueden ser víctimas de una denegación de servicio si se corrompe el payload. Esto puede derivar la caída de OpenSSL. Este problema no se considera explotable más allá de una denegación de servicio.
*Credits:
Robert Święcki (Google Security Team)
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2016-08-23 CVE Reserved
- 2016-11-10 CVE Published
- 2024-09-17 CVE Updated
- 2024-09-17 First Exploit
- 2024-11-16 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-284: Improper Access Control
CAPEC
References (5)
URL | Tag | Source |
---|---|---|
http://www.securityfocus.com/bid/94238 | Third Party Advisory | |
http://www.securitytracker.com/id/1037261 | Vdb Entry | |
https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03744en_us | X_refsource_confirm |
URL | Date | SRC |
---|---|---|
https://www.exploit-db.com/exploits/40899 | 2024-09-17 |
URL | Date | SRC |
---|---|---|
https://www.openssl.org/news/secadv/20161110.txt | 2017-09-03 |
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 1.1.0 Search vendor "Openssl" for product "Openssl" and version "1.1.0" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 1.1.0a Search vendor "Openssl" for product "Openssl" and version "1.1.0a" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 1.1.0b Search vendor "Openssl" for product "Openssl" and version "1.1.0b" | - |
Affected
|